You don’t know what you don’t know. This statement is very true as it pertains to the technical controls, tools, and services being used within your organization deployed to protect against attackers and threats.
How much overlap in tools and capabilities does your current suite of security controls generate? Wouldn’t it be great if you could determine what tools were meant to do what? How about being able to justify expenses on new, or upgrades to existing, solutions?
This session will show you how to create a detailed gap analysis of your currently deployed technical controls against the types of threats your organization may face. Not only will this help visualize overlaps, but it will also highlight deficiencies that could be addressed by an increase in budget, a configuration change, an Open Source tool, or even a license upgrade. It will also show you how to properly budget for areas not currently addressed using concrete data backed by the MITRE ATT&CK framework.
Darryl MacLeod has over 20 years of experience in the IT security sector, having been responsible for optimizing service delivery to all levels of enterprise and government level organizations.
Darryl has presented at the Atlantic HTCIA IT Security Conference, Halifax Area Security Klatch (HASK), Security B-Sides St. John’s, ISACA Atlantic Provinces Chapter Information Security & Risk Conference, GoSec and the Texas Cyber Summit. He sits on the Board of Directors for the Atlantic Security Conference and was the Lead Organizer for the Security B-Sides Cape Breton conference.